14 matches found
EUVD-2017-3258
Malware in sbrugna...
EUVD-2017-3257
Malware in sbrugna...
CVE-2017-11647
NetComm Wireless 4GT101W routers with Hardware: 0.01 / Software: V1.1.8.8 / Bootloader: 1.1.3 are vulnerable to stored cross-site scripting attacks. Creating an SSID with an XSS payload results in successful exploitation...
CVE-2017-11647
NetComm Wireless 4GT101W routers with Hardware: 0.01 / Software: V1.1.8.8 / Bootloader: 1.1.3 are vulnerable to stored cross-site scripting attacks. Creating an SSID with an XSS payload results in successful exploitation...
CVE-2017-11645
NetComm Wireless 4GT101W routers with Hardware: 0.01 / Software: V1.1.8.8 / Bootloader: 1.1.3 do not require authentication for logfile.html, status.html, or systemconfig.html...
CVE-2017-11646
NetComm Wireless 4GT101W routers with Hardware: 0.01 / Software: V1.1.8.8 / Bootloader: 1.1.3 are vulnerable to CSRF attacks, as demonstrated by using administration.html to disable the firewall. They does not contain any token that can mitigate CSRF vulnerabilities within the device...
Cross site request forgery (csrf)
NetComm Wireless 4GT101W routers with Hardware: 0.01 / Software: V1.1.8.8 / Bootloader: 1.1.3 are vulnerable to CSRF attacks, as demonstrated by using administration.html to disable the firewall. They does not contain any token that can mitigate CSRF vulnerabilities within the device...
Cross site scripting
NetComm Wireless 4GT101W routers with Hardware: 0.01 / Software: V1.1.8.8 / Bootloader: 1.1.3 are vulnerable to stored cross-site scripting attacks. Creating an SSID with an XSS payload results in successful exploitation...
Design/Logic Flaw
NetComm Wireless 4GT101W routers with Hardware: 0.01 / Software: V1.1.8.8 / Bootloader: 1.1.3 do not require authentication for logfile.html, status.html, or systemconfig.html...
CVE-2017-11646
NetComm Wireless 4GT101W routers (Hardware 0.01, Software V1.1.8.8, Bootloader 1.1.3) are vulnerable to Cross-Site Request Forgery (CSRF) as detailed in CVE-2017-11646. The affected component is the device web interface; the root cause is the absence of CSRF protections/tokens in administration.h...
CVE-2017-11647
NetComm Wireless 4GT101W routers (Hardware 0.01 / Software 1.1.8.8 / Bootloader 1.1.3) are affected by CVE-2017-11647 due to a stored cross-site scripting vulnerability triggered by creating an SSID with an XSS payload. Exploitation involves injecting script via the SSID field, allowing script ex...
CVE-2017-11645
NetComm Wireless 4GT101W routers with Hardware: 0.01 / Software: V1.1.8.8 / Bootloader: 1.1.3 do not require authentication for logfile.html, status.html, or systemconfig.html...
CVE-2017-11647
NetComm Wireless 4GT101W routers with Hardware: 0.01 / Software: V1.1.8.8 / Bootloader: 1.1.3 are vulnerable to stored cross-site scripting attacks. Creating an SSID with an XSS payload results in successful exploitation...
CVE-2017-11646
NetComm Wireless 4GT101W routers with Hardware: 0.01 / Software: V1.1.8.8 / Bootloader: 1.1.3 are vulnerable to CSRF attacks, as demonstrated by using administration.html to disable the firewall. They does not contain any token that can mitigate CSRF vulnerabilities within the device...